1. Data Controller
AIOps Services is operated by AIBX LTD ("we", "us", "our"), a company registered in the United Kingdom.
2. Information We Collect
- Account Data: Email address, name, organisation name
- Service Data: URLs you monitor, uptime metrics, response times
- Payment Data: Processed via Stripe — we never store card details
- Technical Data: IP address, browser info, access logs (via Cloudflare)
- Usage Data: API call counts, feature usage history
3. How We Use Your Data
- Provide, maintain, and improve the service
- Process billing and payments via Stripe
- Security monitoring and fraud prevention
- Send weekly Dev Intelligence Briefings (subscribed users only)
- Comply with legal obligations (UK GDPR, Data Protection Act 2018)
4. Legal Basis (UK GDPR)
- Contract: Processing necessary to perform our service contract with you
- Legitimate interests: Security monitoring, fraud prevention, service improvement
- Consent: Marketing emails / weekly briefings (withdrawable at any time)
- Legal obligation: Tax, accounting, and regulatory compliance
5. Sub-processors & Third Parties
- Cloudflare Inc. — Infrastructure, CDN, Workers AI (US, EU-US DPF certified)
- Stripe Inc. — Payment processing (US, PCI DSS compliant)
- Resend Inc. — Transactional email delivery (US)
We do not sell your data to third parties.
6. Data Retention
- Account data: Until account deletion
- Monitoring metrics: 7–365 days depending on plan
- Billing records: 6 years (UK legal requirement)
- Access logs: Maximum 30 days
7. Your Rights (UK GDPR / GDPR)
- Right of access — request a copy of your data
- Right to rectification — correct inaccurate data
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to restrict processing or object to it
- Right to withdraw consent (e.g. unsubscribe from emails)
To exercise your rights, email privacy@aibx.ltd. We respond within 30 days.
8. Cookies & Local Storage
aiops_token (localStorage) — authentication session, requiredaiops_lang (localStorage) — language preference, required- Cloudflare security & performance cookies — required
We do not use advertising cookies or third-party analytics (no Google Analytics).
9. Security
- All traffic encrypted with TLS 1.3
- JWT-based access control
- Cloudflare Workers edge computing (distributed, no single point of failure)
- D1 database with encrypted storage
10. AI Systems Disclosure
AIOps Services uses Cloudflare Workers AI for risk assessment and report generation. These may constitute high-risk AI systems under EU AI Act Article 6. We comply with transparency obligations under EU AI Act Article 50. AI-generated content is clearly labelled where required.
11. International Transfers
Your data may be processed in the United States by our sub-processors (Cloudflare, Stripe, Resend). These transfers are covered by appropriate safeguards including EU-US Data Privacy Framework certification and Standard Contractual Clauses (SCCs).
12. Contact & Complaints
Privacy enquiries: privacy@aibx.ltd
UK supervisory authority: Information Commissioner's Office (ICO)